For higher security Lighttpd can be configured to allow only https access by a few simple steps.
To generate certificates, openssl is needed.
|
1 |
apk add openssl |
Change to the lighttpd configuration directory
cd /etc/lighttpd
With the command below the certificates are generated. Answer all questions.
|
1 |
openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes |
Adjust the permissions
|
1 |
chmod 400 /etc/lighttpd/server.pem |
Configure Lighttpd
The configuration of lighttpd needs be be modified.
|
1 |
nano /etc/lighttpd/lighttpd.conf |
Uncomment this section and adjust the path. Or copy the example below into your configuration file.
|
1 2 |
ssl.engine = "enable" ssl.pemfile = "/etc/lighttpd/server.pem" |
Restart lighttpd
|
1 |
/etc/init.d/lighttpd restart |
More details can be found in the Lighttpd documentation. A full article is available in the Alpine Linux wiki.
